We've long joined makers and tinkerers in warning that, as software becomes a part of more and more everyday devices, DRM and the legal restrictions on circumventing it will create hurdles to standard repairs and even operation. In the U.S., a car manufacturer who had wrapped its onboard software in technical restrictions could argue that attempts to get around those are in violation of the Digital Millennium Copyright Act (DMCA)—specifically section 1201, the notorious "anti-circumvention" provisions. These provisions make it illegal for users to circumvent DRM or help others do so, even if the purpose is perfectly legal otherwise. Similar laws exist around the world, and are even written into some international trade agreements—including, according to a recently leaked draft, the Trans-Pacific Partnership Agreement.

Since the DMCA became law in 1998, Section 1201 has resulted in countless unintended consequences. It has chilled innovation, stifled the speech of legitimate security researchers, and interfered with consumer rights. Section 1201 came under particular fire this year because it may prevent consumers from unlocking their own phones to use with different carriers. After a broadly popular petition raised the issue, the White House acknowledged that the restriction is out of line with common sense.

The problem extends beyond inconvenience. In plenty of cases, DRM has led to users losing altogether the ability to watch, listen to, read, or play media that can't be "authenticated." Video games with online components now routinely reach an end-of-life period where the company providing the authentication decides it's no longer worth it to operate the servers. That raises the frightening possibility of a company like Renault deciding that it's not cost-effective anymore to verify new batteries—and leaving car owners high and dry.

And these are all just the problems with the DRM running as expected. Unfortunately, the intentional restrictions created by DRM can also create security vulnerabilities that can be exploited by other bad actors. The most prominent example may be the "rootkit" that Sony included on music CDs and which led in some cases to further malware infection. The stakes may be even higher when it comes to cars. Security researchers uncovering security problems in cars already face restrictions on publishing; that stands to get worse as DRM enters the picture.

As our friends at iFixit say, if you can't fix it, you don't own it. Users need the right to repair the things they buy, and that is incompatible with blanket restrictions on circumventing DRM.

Copyright maximalists like to point to the 1201 safety valve—a rulemaking procedure to identify narrow exemptions. But the process happens every three years in the Copyright Office, and it's pretty dysfunctional: the exemptions require extensive work, must be justified from scratch each time, and have no established appeal process. Permission to "jailbreak" cars can't even be considered until 2015, and even if it is granted, consumers may be wary to invest in a new car if their right to repair it could be revoked three years later.

There's a better way, but it requires legislation. Representative Zoe Lofgren and a group of bipartisan sponsors have proposed the Unlocking Technology Act, to limit the anti-circumvention provisions to cases where there is actual infringement. That's a common sense change that is long overdue.

More fundamentally, though, users must push back on the creeping imposition of DRM in more and more places. As EFF Fellow and former staff member Cory Doctorow has noted, computers are increasingly devices that we depend on for our own health and safety. It's critically important, then, that consumers actually own our stuff. Stay tuned: We’ll be pushing hard on this issue on many fronts in the coming year, and we’ll need your help.

It's been just over a year since HP got caught using dirty tricks to force its customers to use its official, high-priced ink, and now it's Epson's turn to get in on the act. Epson claims that ink-cartridges that are compatible with its printers violate a nonspecific patent or...

At EFF, we've become all too accustomed to bad news on copyright coming out of Europe, so it's refreshing to hear that Portugal has recently passed a law on copyright that helps to strike a fairer balance between users and copyright holders on DRM. The law doesn't abolish legal...

At EFF, we've become all too accustomed to bad news on copyright coming out of Europe, so it's refreshing to hear that Portugal has recently passed a law on copyright that helps to strike a fairer balance between users and copyright holders on DRM. The law doesn't abolish legal...

Dear Jeff, Tim, and colleagues, In 2013, EFF was disappointed to learn that the W3C had taken on the project of standardizing “Encrypted Media Extensions,” an API whose sole function was to provide a first-class role for DRM within the Web browser ecosystem. By doing so, the organization offered the...

Yesterday's record-smashing Net Neutrality day of action showed that the Internet's users care about an open playing field and don't want a handful of companies to decide what we can and can't do online. Today, we should also think about other ways in which small numbers of companies, including...

Dear Tim, Jeff, and W3C colleagues, On behalf of the Electronic Frontier Foundation, I would like to formally submit our request for an appeal of the Director's decision to publish Encrypted Media Extensions as a W3C Recommendation, announced on 6 July 2017. The grounds for this appeal are that...

Note: We’ve been in touch with a group of economists at the University of Glasgow who are investigating the market value on interoperability. Just in time for “Day Against DRM,” here are some of their initial conclusions. My co-authors and I at the University of Glasgow are investigating how restrictions...

Early today, the World Wide Web Consortium (W3C) standards body publicly announced its intention to publish Encrypted Media Extensions (EME)—a DRM standard for web video—with no safeguards whatsoever for accessibility, security research or competition, despite an unprecedented internal controversy among its staff and members over this issue. EME is...